IP address

Search at other sites:

.000199.204.96.10

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

199.204.96.10 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-28 08:45:00.627000
Was present on blacklist at: 2025-03-04 16:45, 2025-03-05 00:45, 2025-03-05 08:45, 2025-03-05 16:45, 2025-03-06 00:45, 2025-03-06 08:45, 2025-03-06 16:45, 2025-03-07 00:45, 2025-03-07 08:45, 2025-03-07 16:45, 2025-03-08 00:45, 2025-03-08 08:45, 2025-03-08 16:45, 2025-03-09 00:45, 2025-03-09 08:45, 2025-03-09 16:45, 2025-03-10 00:45, 2025-03-10 08:45, 2025-03-10 16:45, 2025-03-11 00:45, 2025-03-11 08:45, 2025-03-11 16:45, 2025-03-12 00:45, 2025-03-12 08:45, 2025-03-12 16:45, 2025-03-13 00:45, 2025-03-13 08:45, 2025-03-13 16:45, 2025-03-14 00:45, 2025-03-14 08:45, 2025-03-14 16:45, 2025-03-15 00:45, 2025-03-15 08:45, 2025-03-15 16:45, 2025-03-16 00:45, 2025-03-16 08:45, 2025-03-16 16:45, 2025-03-17 00:45, 2025-03-17 08:45, 2025-03-17 16:45, 2025-03-18 00:45, 2025-03-18 08:45, 2025-03-18 16:45, 2025-03-19 00:45, 2025-03-19 08:45, 2025-03-21 16:45, 2025-03-22 00:45, 2025-03-22 08:45, 2025-03-22 16:45, 2025-03-23 00:45, 2025-03-23 08:45, 2025-03-23 16:45, 2025-03-24 00:45, 2025-03-24 08:45, 2025-03-24 16:45, 2025-03-25 00:45, 2025-03-25 08:45, 2025-03-25 16:45, 2025-03-26 00:45, 2025-03-26 08:45, 2025-03-26 16:45, 2025-03-27 00:45, 2025-03-27 08:45, 2025-03-27 16:45, 2025-03-28 00:45, 2025-03-28 08:45

CI Army

199.204.96.10 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-03-26 03:50:00.805000
Was present on blacklist at: 2025-03-05 03:50, 2025-03-06 03:50, 2025-03-07 03:50, 2025-03-08 03:50, 2025-03-09 03:50, 2025-03-10 03:50, 2025-03-12 03:50, 2025-03-13 03:50, 2025-03-14 03:50, 2025-03-15 03:50, 2025-03-22 03:50, 2025-03-23 03:50, 2025-03-24 03:50, 2025-03-25 03:50, 2025-03-26 03:50

AbuseIPDB

199.204.96.10 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-03-25 05:00:00.380000
Was present on blacklist at: 2025-03-05 05:00, 2025-03-08 05:00, 2025-03-09 05:00, 2025-03-10 05:00, 2025-03-13 05:00, 2025-03-22 05:00, 2025-03-24 05:00, 2025-03-25 05:00

Turris greylist

199.204.96.10 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-06 21:15:00.213000
Was present on blacklist at: 2025-03-05 22:15, 2025-03-06 22:15, 2025-03-07 22:15, 2025-03-08 22:15, 2025-03-10 22:15, 2025-03-13 22:15, 2025-03-22 22:15, 2025-03-25 22:15, 2025-04-06 21:15

Spamhaus XBL CBL

199.204.96.10 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-06 06:51:31.262000
Was present on blacklist at: 2025-03-11 06:51, 2025-03-18 06:51, 2025-03-25 06:51, 2025-04-08 06:51

Warden events (1616)

2025-04-05

ReconScanning (node.368407): 6

2025-03-24

ReconScanning (node.368407): 6

2025-03-23

ReconScanning (node.368407): 12

2025-03-22

ReconScanning (node.9c1411): 9

2025-03-21

ReconScanning (node.9c1411): 65

ReconScanning (node.368407): 11

2025-03-20

ReconScanning (node.368407): 127

ReconScanning (node.4dc198): 125

ReconScanning (node.9c1411): 42

ReconScanning (node.5f02e7): 1

2025-03-12

ReconScanning (node.9c1411): 5

ReconScanning (node.368407): 8

2025-03-11

ReconScanning (node.4dc198): 126

ReconScanning (node.368407): 127

ReconScanning (node.9c1411): 29

ReconScanning (node.5f02e7): 1

2025-03-09

ReconScanning (node.4dc198): 34

ReconScanning (node.368407): 37

2025-03-08

ReconScanning (node.368407): 89

ReconScanning (node.4dc198): 89

2025-03-06

ReconScanning (node.4dc198): 126

ReconScanning (node.368407): 126

2025-03-05

ReconScanning (node.4dc198): 46

ReconScanning (node.368407): 46

2025-03-04

ReconScanning (node.368407): 162

ReconScanning (node.4dc198): 161

DShield reports (IP summary, reports)

2025-03-04

Number of reports: 6994

Distinct targets: 2429

2025-03-05

Number of reports: 3843

Distinct targets: 2245

2025-03-06

Number of reports: 6055

Distinct targets: 3979

2025-03-07

Number of reports: 688

Distinct targets: 403

2025-03-08

Number of reports: 3994

Distinct targets: 2651

2025-03-09

Number of reports: 2951

Distinct targets: 1691

2025-03-11

Number of reports: 6068

Distinct targets: 4047

2025-03-12

Number of reports: 1046

Distinct targets: 507

2025-03-13

Number of reports: 76

Distinct targets: 37

2025-03-15

Number of reports: 281

Distinct targets: 239

2025-03-20

Number of reports: 4828

Distinct targets: 4123

2025-03-21

Number of reports: 876

Distinct targets: 520

2025-03-23

Number of reports: 394

Distinct targets: 245

2025-03-24

Number of reports: 349

Distinct targets: 114

2025-04-05

Number of reports: 348

Distinct targets: 123

OTX pulses

[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day

Author name:	david3
Pulse modified:	2025-05-05 12:00:26.560000
Indicator created:	2025-04-05 12:35:29
Indicator role:	scanning_host
Indicator title:	404 NOT FOUND
Indicator expiration:	2025-07-04 00:00:00

[67cd8935790c4687c70efcd8] 2025-03-09 12:27:33.674000 | Webshell backdoor honeypot logs for 2025/03/09

Author name:	jnazario
Pulse modified:	2025-03-09 12:27:33.674000
Indicator created:	2025-03-09 12:27:34
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-08 12:00:00

[67dd5af3465aa57628dc0963] 2025-03-21 12:26:27.665000 | Webshell backdoor honeypot logs for 2025/03/21

Author name:	jnazario
Pulse modified:	2025-03-21 12:26:27.665000
Indicator created:	2025-03-21 12:26:28
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-20 12:00:00

Origin AS

AS399045 - DEDIOUTLET-NETWORKS

BGP Prefix

199.204.96.0/22

geo

United States

🕑 America/Chicago

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

199.204.96.0 - 199.204.99.255

last_activity

2025-05-05 12:02:03.247000

last_warden_event

2025-04-05 13:58:58

rep

0.0

reserved_range

0

ts_added

2025-03-04 06:51:24.909000

ts_last_update

2025-05-11 06:51:31.056000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses